Category: Administration / Server

in the article how to generate a ssh key Ed25519 is the new DEFAULT STANDARD to be used to stay secure (for now) problem: loads of platforms also banks are still using RSA for https for online bankind F*** RSA […]

why have one package management system if the user can have 3x 4x 5x? https://en.wikipedia.org/wiki/APT_(software) https://salsa.debian.org/apt-team/apt.git to keep it simple imho it would be better to use only one “one to rule em all” (maybe python pip as exception) https://www.reddit.com/r/Ubuntu/comments/a364ii/proscons_of_snap_vs_apt/ […]

htop has a column called “S” (State) if the state of a process is “Z” (Zombie) that ain’t good htop states: S for sleeping process is waiting for an event to complete, could be I/O completion, a signal, or some […]

sometimes the most simple things are the trickiest X-D the question was, why if shutdown -r now is specified in a script or crontab directly: why won’t the server reboot (to activate newly via updates installed kernel?) the answer: crontab […]

how to get started: have a hetzner account login to https://console.hetzner.cloud/ create a new project click on project in the left menu there is a new entry: Object Storage tested and works: upload download delete untested: https://docs.hetzner.com/de/storage/object-storage/howto-protect-objects/protect-versioning/ pricing: https://docs.hetzner.com/de/storage/object-storage/overview/#preise max. […]

scroll down to: “how to access user-dev-admin’s home network boxes from anywhere via reverse-ssh-tunnel! :D” ssh tunnel remote deviceD’s port access a device’s port that is only available via a specific machine 😀 or in other words: ssh-tunnel port of […]

update: 2024-06: ed25519 is currently “the way to go” ssh can be regarded as “critical core infrastructure” time spend on it’s security is time well spend time + money well invested: https://www.openssh.com https://github.com/openssh current manpage: ssh.man.txt WARNING: this howto guide […]

network mac’s are used to uniquely identify systems and users and thus a privacy problem so mac randomization should be enabled per default on every distribution for every wifi network card (maybe interactively during setup ask the user to enable […]

has the system been shutdown properly “gracefully” or has it crashed? it does not have to be a software or hardware problem it could also be: insufficient shielding from terrestrial microwaves satellites lightning strike near by? or extra-terrestrial (the cosmos […]

GNU Linux howto ssh sshd config hardening security guide per default Debian (unfortunately) does not log ssh logins (why? afraid of harddisk overflows?) every user and admin wants to see “who and what is going on” the system usefull also […]

it might not be the best idea to install this software on machines with super secret data or access to expensive industry equipment (better use reverse ssh tunnel for that, yes it’s also possible to reverse-ssh-tunnel x11vnc but it’s pretty […]

the user knows, here the user get’s only the tested howtos that truly work and save a massive amount of time, trying out all the non-working howtos X-D what is mongodb (written in C++, JavaScript, Python) In 2013, 10gen changed […]

UNTESTED! 😀 these drives are called: “U.2 PCIe NVMe” no kidding, search for em on ebay. “Micron has been developing some of the world’s most advanced memory technologies for more than 40 years, including DRAM (Dynamic Random Access Memory) and […]

have to give a HUGHE praise to the Tor Project! just checked and they DO AN EXCELLENT job at keeping the user private the developers who constantly work to make the system better the thousands of volunteering admins that run […]

if the option firewall -> “delete” is greyed out first the firewall needs to be “dissassociated” with the resource (VPS VM)

methods for detecting network loops -> Realtek Remote Control Protocol – Loop Detect Packet – absolutley nothing wrong with it. (src) also interesting that HP switches are using a Cisco MAC address?

WARNING! MAKE BACKUP of ALL FILES ON THE HARDDISK! that being said, this search replace script works with the tool sed which required to escape all special characters. This tool will help with that: https://dwaves.de/tools/escape/ per default it will search […]

How to create an encrypted USB stick Creating an encrypted USB stick under GNU/Linux is fairly ease. First lets install required packages and erase everything from the stick gives good overview of where is what: (in a tree view style) […]

“to swap, or not to swap, that is the question”: definitely swap more! Shakespeare! “to encrypt, or not to encrypt” (if it contains valuable data: DEFINITELY ENCRYPT!!!) (general tutorial about lvm (logical volume management) “to lvm, or not to lvm” […]

this might sound trivial, but there are multiple approaches: # for (theoretically every) Debian, but not every Debian based system: cat /etc/debian_version 11.3 # for Debian 10 and prior hostnamectl|grep Op Operating System: Debian GNU/Linux 10 (buster) # for Debian […]

lsb_release -a; # tested under Description: Debian GNU/Linux 10 (buster) su – root # create new file touch /scripts/shutdown.sh chmod +x /scripts/shutdown.sh # edit and insert orange content vim /scripts/shutdown.sh #!/bin/bash echo “=== shutdown as gracefully as possible ===” # […]

create a new shared folder on the nas call it “data” enable NFSv4, disable NFSv3 specify list of IPs that are allowed to access the NFSv4 share: don’t forget to hit “Apply” the idea is “anyway” to NAS<-directly-LAN-1000MBit->PC connect the […]

IDE, SCSI, SATA, SAS now U.2 M.2… these drives are called: “U.2 PCIe NVMe” no kidding, search for em on ebay. that reminds of… “the usb cable chaos” has arrived with “Slim SAS” for another round of mass cable connector confusion […]

will be redone soon

colorful text gives much more oversight. errors are easier to spot when they are marked in red colorful text is acchieved by defining color codes “switching” between color modes and back to default vim /scripts/colors.sh #!/bin/bash RED=’\033[0;31m’ WHITE=’\033[0;37m’ YELLOW=’\033[0;33m’ COLOR_OFF=’\033[0m’ […]

equals to: one neat function of the find command, it that what it found can be passed to another program for further processing. or: it can delete the file by adding the option -delete BUT (!!!) THIS IS DANGEROUS! as […]

privacy is worth swapping wifi cards! Open Source & Free Software are THE GOLD STANDARD which means: would ALWAYS prefer the hazzle of replacing a wifi mini card with an wifi mini card, that is supported by open source drivers, […]

inxi – Command line system information script for console and IRC DESCRIPTION It is also used a debugging tool for forum technical support to quickly ascertain users’ system configurations and hardware. inxi shows system hardware, CPU, drivers, Xorg, Desktop, Kernel, […]